'timeout' => apply_filters( 'http_request_timeout', 5),
'redirection' => apply_filters( 'http_request_redirection_count', 5),
'httpversion' => apply_filters( 'http_request_version', '1.0'),
- 'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) ),
+ 'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) ),
+ 'reject_unsafe_urls' => apply_filters( 'http_request_reject_unsafe_urls', false ),
'blocking' => true,
'headers' => array(),
'cookies' => array(),
$r = wp_parse_args( $args, $defaults );
$r = apply_filters( 'http_request_args', $r, $url );
- // Certain classes decrement this, store a copy of the original value for loop purposes.
- $r['_redirection'] = $r['redirection'];
+ // The transports decrement this, store a copy of the original value for loop purposes.
+ if ( ! isset( $r['_redirection'] ) )
+ $r['_redirection'] = $r['redirection'];
// Allow plugins to short-circuit the request
$pre = apply_filters( 'pre_http_request', false, $r, $url );
if ( false !== $pre )
return $pre;
- $arrURL = parse_url( $url );
+ if ( $r['reject_unsafe_urls'] )
+ $url = wp_http_validate_url( $url );
+ if ( function_exists( 'wp_kses_bad_protocol' ) )
+ $url = wp_kses_bad_protocol( $url, array( 'http', 'https', 'ssl' ) );
+
+ $arrURL = @parse_url( $url );
if ( empty( $url ) || empty( $arrURL['scheme'] ) )
return new WP_Error('http_request_failed', __('A valid URL was not provided.'));
// If location is found, then assume redirect and redirect to location.
if ( isset($arrHeaders['headers']['location']) && 0 !== $r['_redirection'] ) {
if ( $r['redirection']-- > 0 ) {
- return $this->request( WP_HTTP::make_absolute_url( $arrHeaders['headers']['location'], $url ), $r);
+ return wp_remote_request( WP_HTTP::make_absolute_url( $arrHeaders['headers']['location'], $url ), $r);
} else {
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
array(
'method' => strtoupper($r['method']),
'user_agent' => $r['user-agent'],
- 'max_redirects' => $r['redirection'] + 1, // See #11557
+ 'max_redirects' => 0, // Follow no redirects
+ 'follow_redirects' => false,
'protocol_version' => (float) $r['httpversion'],
'header' => $strHeaders,
'ignore_errors' => true, // Return non-200 requests.
else
$processedHeaders = WP_Http::processHeaders($meta['wrapper_data']);
- // Streams does not provide an error code which we can use to see why the request stream stopped.
- // We can however test to see if a location header is present and return based on that.
- if ( isset($processedHeaders['headers']['location']) && 0 !== $args['_redirection'] )
- return new WP_Error('http_request_failed', __('Too many redirects.'));
+ if ( ! empty( $processedHeaders['headers']['location'] ) && 0 !== $r['_redirection'] ) { // _redirection: The requested number of redirections
+ if ( $r['redirection']-- > 0 ) {
+ return wp_remote_request( WP_HTTP::make_absolute_url( $processedHeaders['headers']['location'], $url ), $r );
+ } else {
+ return new WP_Error( 'http_request_failed', __( 'Too many redirects.' ) );
+ }
+ }
if ( ! empty( $strResponse ) && isset( $processedHeaders['headers']['transfer-encoding'] ) && 'chunked' == $processedHeaders['headers']['transfer-encoding'] )
$strResponse = WP_Http::chunkTransferDecode($strResponse);
// The option doesn't work with safe mode or when open_basedir is set, and there's a
// bug #17490 with redirected POST requests, so handle redirections outside Curl.
curl_setopt( $handle, CURLOPT_FOLLOWLOCATION, false );
+ if ( defined( 'CURLOPT_PROTOCOLS' ) ) // PHP 5.2.10 / cURL 7.19.4
+ curl_setopt( $handle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS );
switch ( $r['method'] ) {
case 'HEAD':
// See #11305 - When running under safe mode, redirection is disabled above. Handle it manually.
if ( ! empty( $theHeaders['headers']['location'] ) && 0 !== $r['_redirection'] ) { // _redirection: The requested number of redirections
if ( $r['redirection']-- > 0 ) {
- return $this->request( WP_HTTP::make_absolute_url( $theHeaders['headers']['location'], $url ), $r );
+ return wp_remote_request( WP_HTTP::make_absolute_url( $theHeaders['headers']['location'], $url ), $r );
} else {
return new WP_Error( 'http_request_failed', __( 'Too many redirects.' ) );
}